1. Home
  2. Vulnerabilities
  3. CVE-2007-3089

CVE-2007-3089

CVSS v2.0 4.3 (Medium)
43% Progress
EPSS 94.81 % (99th)
94.81% Progress
Affected Products 1
Advisories 15
Info CVSS EPSS Affected Configurations References Security Advisories Packages & Software Tools, Exploits & PoC Graph Web & Social Timeline

Mozilla Firefox before 2.0.0.5 does not prevent use of document.write to replace an IFRAME (1) during the load stage or (2) in the case of an about:blank frame, which allows remote attackers to display arbitrary HTML or execute certain JavaScript code, as demonstrated by code that intercepts keystroke values from window.event, aka the "promiscuous IFRAME access bug," a related issue to CVE-2006-4568.

Weaknesses
CWE-NVD-Other
Related CVEs
CVE Status
PUBLISHED
CNA
MITRE
Published Date
2007-06-06 21:30:00
(17 years ago)
Updated Date
2018-10-16 16:47:19
(6 years ago)

Affected Products

Mozilla

Configuration #1

    CPE23 From Up To
  Mozilla Firefox 2.0.0.4 and prior versions cpe:2.3:a:mozilla:firefox <= 2.0.0.4
  Mozilla Firefox 0.8 cpe:2.3:a:mozilla:firefox:0.8
  Mozilla Firefox 0.9 cpe:2.3:a:mozilla:firefox:0.9
  Mozilla Firefox 0.9.1 cpe:2.3:a:mozilla:firefox:0.9.1
  Mozilla Firefox 0.9.2 cpe:2.3:a:mozilla:firefox:0.9.2
  Mozilla Firefox 0.9.3 cpe:2.3:a:mozilla:firefox:0.9.3
  Mozilla Firefox 0.10 cpe:2.3:a:mozilla:firefox:0.10
  Mozilla Firefox 0.10.1 cpe:2.3:a:mozilla:firefox:0.10.1
  Mozilla Firefox 1.0 cpe:2.3:a:mozilla:firefox:1.0
  Mozilla Firefox 1.0.1 cpe:2.3:a:mozilla:firefox:1.0.1
  Mozilla Firefox 1.0.2 cpe:2.3:a:mozilla:firefox:1.0.2
  Mozilla Firefox 1.0.3 cpe:2.3:a:mozilla:firefox:1.0.3
  Mozilla Firefox 1.0.4 cpe:2.3:a:mozilla:firefox:1.0.4
  Mozilla Firefox 1.0.5 cpe:2.3:a:mozilla:firefox:1.0.5
  Mozilla Firefox 1.0.6 cpe:2.3:a:mozilla:firefox:1.0.6
  Mozilla Firefox 1.0.7 cpe:2.3:a:mozilla:firefox:1.0.7
  Mozilla Firefox 1.0.8 cpe:2.3:a:mozilla:firefox:1.0.8
  Mozilla Firefox 1.5 cpe:2.3:a:mozilla:firefox:1.5
  Mozilla Firefox 1.5.0.1 cpe:2.3:a:mozilla:firefox:1.5.0.1
  Mozilla Firefox 1.5.0.2 cpe:2.3:a:mozilla:firefox:1.5.0.2
  Mozilla Firefox 1.5.0.3 cpe:2.3:a:mozilla:firefox:1.5.0.3
  Mozilla Firefox 1.5.0.4 cpe:2.3:a:mozilla:firefox:1.5.0.4
  Mozilla Firefox 1.5.0.5 cpe:2.3:a:mozilla:firefox:1.5.0.5
  Mozilla Firefox 1.5.0.6 cpe:2.3:a:mozilla:firefox:1.5.0.6
  Mozilla Firefox 1.5.0.7 cpe:2.3:a:mozilla:firefox:1.5.0.7
  Mozilla Firefox 1.5.0.8 cpe:2.3:a:mozilla:firefox:1.5.0.8
  Mozilla Firefox 1.5.0.9 cpe:2.3:a:mozilla:firefox:1.5.0.9
  Mozilla Firefox 1.5.0.10 cpe:2.3:a:mozilla:firefox:1.5.0.10
  Mozilla Firefox 1.5.0.11 cpe:2.3:a:mozilla:firefox:1.5.0.11
  Mozilla Firefox 1.5.1 cpe:2.3:a:mozilla:firefox:1.5.1
  Mozilla Firefox 1.5.2 cpe:2.3:a:mozilla:firefox:1.5.2
  Mozilla Firefox 1.5.3 cpe:2.3:a:mozilla:firefox:1.5.3
  Mozilla Firefox 1.5.4 cpe:2.3:a:mozilla:firefox:1.5.4
  Mozilla Firefox 1.5.5 cpe:2.3:a:mozilla:firefox:1.5.5
  Mozilla Firefox 1.5.6 cpe:2.3:a:mozilla:firefox:1.5.6
  Mozilla Firefox 1.5.7 cpe:2.3:a:mozilla:firefox:1.5.7
  Mozilla Firefox 1.5.8 cpe:2.3:a:mozilla:firefox:1.5.8
  Mozilla Firefox 2.0 cpe:2.3:a:mozilla:firefox:2.0
  Mozilla Firefox 2.0.0.1 cpe:2.3:a:mozilla:firefox:2.0.0.1
  Mozilla Firefox 2.0.0.2 cpe:2.3:a:mozilla:firefox:2.0.0.2
  Mozilla Firefox 2.0.0.3 cpe:2.3:a:mozilla:firefox:2.0.0.3